feat: configurable timings

Nya Candy 2023-01-29 14:55:56 +08:00
parent a99045a034
commit a04c5b062e
No known key found for this signature in database
GPG Key ID: 8B1BE5E86F2E66AE
9 changed files with 54 additions and 21 deletions


@ -7,3 +7,8 @@ misskey:
secret: ""
hydra:
admin_url: "http://localhost:4445"
time:
request_valid: 3600
login_remember: 600
consent_remember: 0
userinfo_cache: 3600


@ -1,12 +1,10 @@
package consts
import "time"
const (
TIME_REQUEST_VALID = 1 * time.Hour
TIME_DEFAULT_REQUEST_VALID = 3600 // 1 Hour
TIME_LOGIN_REMEMBER = 10 * time.Minute
TIME_CONSENT_REMEMBER = 0 // Forever
TIME_DEFAULT_LOGIN_REMEMBER = 600 // 10 Minute
TIME_DEFAULT_CONSENT_REMEMBER = 0 // Forever
TIME_USERINFO_CACHE = 1 * time.Hour
TIME_DEFAULT_USERINFO_CACHE = 3600 // 1 Hour
)


@ -5,10 +5,12 @@ import (
"fmt"
"github.com/gin-gonic/gin"
client "github.com/ory/hydra-client-go/v2"
"misso/config"
"misso/consts"
"misso/global"
"misso/utils"
"net/http"
"time"
)
func ConsentCheck(ctx *gin.Context) {
@ -57,7 +59,7 @@ func ConsentCheck(ctx *gin.Context) {
global.Logger.Debugf("Generating CSRF token...")
csrf := utils.RandString(32)
sessKey := fmt.Sprintf(consts.REDIS_KEY_CONSENT_CSRF, oauth2challenge)
err := global.Redis.Set(context.Background(), sessKey, csrf, consts.TIME_REQUEST_VALID).Err()
err := global.Redis.Set(context.Background(), sessKey, csrf, time.Duration(config.Config.Time.RequestValid)*time.Second).Err()
if err != nil {
global.Logger.Errorf("Failed to save csrf into redis with error: %v", err)
ctx.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{
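Review bot: The TTL passed to `Redis.Set` for the CSRF token, `time.Duration(config.Config.Time.RequestValid)*time.Second`, has no upper bound behind it: the startup validation only replaces values `<= 0`, so a very large `request_valid` overflows the int64 nanosecond count and can wrap to zero or a negative duration. Some Redis clients treat a non-positive expiration as "no expiry" (worth confirming for the client behind `global.Redis`), in which case the token would never age out. The same conversion is repeated for the login session in `Login` and for the cached user info in `SaveUserinfo`; converting once at load time into a `time.Duration` with a sane maximum would keep the three call sites consistent. `ConsentCheck` starts and continues outside this hunk.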


@ -5,10 +5,10 @@ import (
"fmt"
"github.com/gin-gonic/gin"
client "github.com/ory/hydra-client-go/v2"
"misso/config"
"misso/consts"
"misso/global"
"net/http"
"time"
)
type ConsentConfirmRequest struct {
@ -88,9 +88,9 @@ func ConsentConfirm(ctx *gin.Context) {
global.Logger.Debugf("User accepted the request, reporting back to hydra...")
global.Logger.Debugf("Initializing ID Token...")
rememberFor := int64(consts.TIME_CONSENT_REMEMBER / time.Second) // Remember forever
rememberFor := config.Config.Time.ConsentRemember // Remember forever
acceptReq, _, err := global.Hydra.Admin.OAuth2Api.AcceptOAuth2ConsentRequest(context.Background()).ConsentChallenge(oauth2challenge).AcceptOAuth2ConsentRequest(client.AcceptOAuth2ConsentRequest{
GrantScope: consentReq.RequestedScope, // TODO: Specify scopes
GrantScope: consentReq.RequestedScope,
GrantAccessTokenAudience: consentReq.RequestedAccessTokenAudience,
Remember: &req.Remember,
RememberFor: &rememberFor,
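Review bot: The trailing comment on `rememberFor := config.Config.Time.ConsentRemember // Remember forever` is stale now that the value comes from configuration; it is only "forever" when `consent_remember` is left at 0. Something like `// seconds; 0 means the consent is remembered indefinitely` would say what the line does, which matters because this value decides how long a grant survives without re-prompting the user. The hunk also drops the `TODO: Specify scopes` marker while `GrantScope` still passes `consentReq.RequestedScope` through unchanged; if scope filtering is still planned, keep the marker. `ConsentConfirm` continues outside the hunk.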


@ -5,10 +5,12 @@ import (
"fmt"
"github.com/gin-gonic/gin"
client "github.com/ory/hydra-client-go/v2"
"misso/config"
"misso/consts"
"misso/global"
"misso/misskey"
"net/http"
"time"
)
func Login(ctx *gin.Context) {
@ -69,7 +71,7 @@ func Login(ctx *gin.Context) {
// Save login challenge state into redis (misskey cannot keep state info)
sessKey := fmt.Sprintf(consts.REDIS_KEY_LOGIN_SESSION, authSess.Token)
err = global.Redis.Set(context.Background(), sessKey, oauth2challenge, consts.TIME_REQUEST_VALID).Err()
err = global.Redis.Set(context.Background(), sessKey, oauth2challenge, time.Duration(config.Config.Time.RequestValid)*time.Second).Err()
if err != nil {
global.Logger.Errorf("Failed to save session into redis with error: %v", err)
ctx.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{


@ -10,7 +10,6 @@ import (
"misso/global"
"misso/misskey"
"net/http"
"time"
)
func MisskeyAuthCallback(ctx *gin.Context) {
@ -75,13 +74,15 @@ func MisskeyAuthCallback(ctx *gin.Context) {
}
global.Logger.Debugf("User accepted the request, reporting back to hydra...")
remember := true
rememberFor := int64(consts.TIME_LOGIN_REMEMBER / time.Second)
acceptReq, _, err := global.Hydra.Admin.OAuth2Api.AcceptOAuth2LoginRequest(context.Background()).LoginChallenge(oauth2challenge).AcceptOAuth2LoginRequest(client.AcceptOAuth2LoginRequest{
Subject: userIdentifier,
Remember: &remember,
RememberFor: &rememberFor,
}).Execute()
acceptReq := client.AcceptOAuth2LoginRequest{
Subject: userIdentifier,
}
if config.Config.Time.LoginRemember > 0 {
remember := true
acceptReq.Remember = &remember
acceptReq.RememberFor = &config.Config.Time.LoginRemember
}
acceptRes, _, err := global.Hydra.Admin.OAuth2Api.AcceptOAuth2LoginRequest(context.Background()).LoginChallenge(oauth2challenge).AcceptOAuth2LoginRequest(acceptReq).Execute()
if err != nil {
global.Logger.Errorf("Failed to accept login request with error: %v", err)
ctx.HTML(http.StatusInternalServerError, "error.tmpl", gin.H{
@ -91,7 +92,7 @@ func MisskeyAuthCallback(ctx *gin.Context) {
}
// Redirect to target uri
ctx.Redirect(http.StatusTemporaryRedirect, acceptReq.RedirectTo)
ctx.Redirect(http.StatusTemporaryRedirect, acceptRes.RedirectTo)
global.Logger.Debugf("User should now be redirecting to target URI.")
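Review bot: `acceptReq.RememberFor = &config.Config.Time.LoginRemember` hands the Hydra client a pointer into the process-wide configuration, so any code that writes through `RememberFor` would change the setting for every later login. `ConsentConfirm` copies the value into a local first, and the same pattern fits here: `rememberFor := config.Config.Time.LoginRemember` followed by `acceptReq.RememberFor = &rememberFor`. The first hunk of this file removes the `time` import and shows no `misso/config` import, so confirm that import already exists above line 10. `MisskeyAuthCallback` starts and ends outside these hunks.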


@ -3,6 +3,7 @@ package inits
import (
"gopkg.in/yaml.v3"
"misso/config"
"misso/consts"
"os"
)
@ -23,5 +24,21 @@ func Config() error {
return err
}
// Validate time
if config.Config.Time.RequestValid <= 0 {
config.Config.Time.RequestValid = consts.TIME_DEFAULT_REQUEST_VALID
}
if config.Config.Time.LoginRemember < 0 {
// 0 means don't remember (in extreme account switch situations)
config.Config.Time.LoginRemember = consts.TIME_DEFAULT_LOGIN_REMEMBER
}
if config.Config.Time.ConsentRemember < 0 {
// 0 means remember forever (default behavior)
config.Config.Time.ConsentRemember = consts.TIME_DEFAULT_CONSENT_REMEMBER
}
if config.Config.Time.UserinfoCache <= 0 {
config.Config.Time.UserinfoCache = consts.TIME_DEFAULT_USERINFO_CACHE
}
return nil
}
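Review bot: A config file written before this change has no `time:` section, so `login_remember` would decode to 0 and pass the `< 0` check, turning the previous 10-minute remember into "never remember"; `TIME_DEFAULT_LOGIN_REMEMBER` is only applied to negative values. If `config.Config` is zero-valued before the YAML decode (the decode is outside this hunk), seed the defaults first, e.g. `config.Config.Time.LoginRemember = consts.TIME_DEFAULT_LOGIN_REMEMBER` ahead of the unmarshal, so an omitted key and an explicit 0 can be told apart. The fallbacks are also silent and unbounded above; logging when a value is replaced, and rejecting values too large to convert to a `time.Duration`, would help an operator notice a typo. `Config()` begins outside the hunk.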


@ -14,4 +14,10 @@ type Config struct {
Hydra struct {
AdminUrl string `yaml:"admin_url"`
} `yaml:"hydra"`
Time struct {
RequestValid int64 `yaml:"request_valid"`
LoginRemember int64 `yaml:"login_remember"`
ConsentRemember int64 `yaml:"consent_remember"`
UserinfoCache int64 `yaml:"userinfo_cache"`
} `yaml:"time"`
}
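Review bot: The four `Time` fields are bare `int64` values with no unit stated, and 0 means something different per field. Going by the validation added in this commit, 0 is "do not remember" for `LoginRemember`, "remember forever" for `ConsentRemember`, and replaced by the default for `RequestValid` and `UserinfoCache`. Field comments such as `// seconds; 0 disables remembering the login` and `// seconds; 0 remembers consent indefinitely` would stop a maintainer from assuming the zero value behaves the same everywhere. The `Config` struct begins outside the hunk.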


@ -4,9 +4,11 @@ import (
"context"
"encoding/json"
"fmt"
"misso/config"
"misso/consts"
"misso/global"
"misso/types"
"time"
)
func SaveUserinfo(subject string, userinfo *types.MisskeyUser) error {
@ -16,7 +18,7 @@ func SaveUserinfo(subject string, userinfo *types.MisskeyUser) error {
return err
}
sessUserInfoKey := fmt.Sprintf(consts.REDIS_KEY_USER_INFO, subject)
err = global.Redis.Set(context.Background(), sessUserInfoKey, userinfoBytes, consts.TIME_USERINFO_CACHE).Err()
err = global.Redis.Set(context.Background(), sessUserInfoKey, userinfoBytes, time.Duration(config.Config.Time.UserinfoCache)*time.Second).Err()
if err != nil {
global.Logger.Errorf("Failed to save session user info into redis with error: %v", err)
return err